LevelOne. User s Manual WAP Mbps Wireless Access Point V

Similar documents
Access Point USER S MANUAL

Figure 35: Active Directory Screen 6. Select the Group Policy tab, choose Default Domain Policy then click Edit.

CE MARK WARNING LIMITED WARRANTY

802.11a g Dual Band Wireless Access Point. User s Manual

LevelOne. User s Manual WNC Mbps Wireless PCI Adapter. Version 1.0

LevelOne WAP User s Manual. 22Mbps Wireless Access Point. Version: 1.0

Wireless LAN Access Point

22Mbps Wireless Network PC Card User Manual

Light Mesh AP. User s Guide. 2009/2/20 v1.0 draft

802.11b/g Access Point WL-8000AP

Wireless LAN Access Point

WL-5420AP. User s Guide

APC-100. IEEE g Wireless USB Adapter. User s Guide v1.0

USB Wireless Network Adapter User s Manual

Wireless LAN Access Point

U S E R M A N U A L b/g PC CARD

LevelOne User Manual WNC-0600USB N_One Wireless USB Adapter

AIRNET 54Mb b/g High Power USB Adapter. User s Manual

54M Wireless LAN CardBus Card

WUG2690 User s Manual

IEEE g Wireless PC Card. User s Guide

Wireless Bridge User Manual. Version 1.0

802.11g PC Card/USB Wireless Adapter

Wireless 11n Smart Repeater AP (1T1R)

802.11b+g Wireless LAN USB Adapter. User Manual

WL556E Portable Wireless-N Repeater

Wireless LAN Card. User s Manual. Contents. A i

11N Wireless PCI Adapter User Guide -6-

Chapter 1 Introduction

Outdoor Wireless USB Adapter User Guide

Table of Contents. Chapter 1Introduction Package Contents Features Specifications Physical Description...

Federal Communication Commission Interference Statement

WL-5450AP & WL-5460AP Wireless Access Point. User s Guide

Wireless g AP. User s Manual

SpeedStream. Wireless PCI Adapter User s Manual. Model SS1024. Part No

150Mbps N Wireless USB Adapter

Security SSID Selection: Broadcast SSID:

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

Wireless LAN USB Adaptor WL-2111 Quick Installation Guide V.1.0

802.11a/b/g Access Point. User s Guide

WLA-5000AP Access Point Mode

IP806GA/GB Wireless ADSL Router

RANGER SERIES. 150Mbps Wireless Green Broadband Router DG-BR4000NG. 150 Mbps V

High Power g Wireless USB Adapter USER MANUAL 1.0.0

WiFi-Repeater User Manual. Quick Installation Guide(Q.I.G.) REV.1.2

LevelOne WBR User s Manual. 11g Wireless ADSL VPN Router. Ver

Wireless b/g Portable Router. User s Guide

CWA-854HT 54 Mbps Wireless-G High Transmission Access Point User s Guide

IP806GA/GB Wireless ADSL Router

WAP3205 v2. User s Guide. Quick Start Guide. Wireless N300 Access Point. Default Login Details. Version 1.00 Edition 2, 12/2012

XAVi Technologies Corporation Tel: Fax: F, No. 129, Hsing Te Road, Sanchung City, Taipei County 241, Taiwan

AirCruiser G Wireless Router GN-BR01G

WL580E. DUAL BAND WALL PLUGGED 300Mbps WIRELESS-N REPEATER

EnGenius EAP N Multi-Function AP/Repeater

A Division of Cisco Systems, Inc. Dual-Band. GHz g a. Dual-Band. Wireless A+G. Access Point. User Guide WIRELESS WAP55AG. Model No.

Wireless Broadband Router

802.11N Wireless Broadband Router

11Mbps Wireless LAN Smart Access Point

Wireless USB Port Multi-Functional Printer Server. Model # AMPS240W. User s Manual. Ver. 1A

54M Wireless LAN Module User s Manual

MIMO Wireless Broadband Route r User s Manual 1

b/g/n 1T1R Wireless USB Adapter. User s Manual

WRT300N-DD User Manual

AmbiCom WL11-SD Wireless LAN SD Card. User Manual

Chapter 1 Introduction

Table of Contents. Chapter 1 Product Overview Features Package Contents LED Indicator and Panel Description...

Wireless USB Adapter User Manual

High Power Wireless N USB Adapter User s Manual

WL 5011s g Wireless Network Adapter Client Utility User Guide

Wireless Access Point

LevelOne User Manual WBR g Wireless ADSL2+ Router

D-Link AirPlus G DWL-G700AP

CMP-WNAP10. Wireless Access Point MANUAL

XG-520 Wireless b/g Portable Router. User s Manual

IEEE b Wireless LAN PC Card

IEEE n Wireless PCI Adapter. User s Manual

PePWave Mesh Connector User Manual

GRE AMERICA, INC. Wireless LAN USB Client Instllation

Wireless G Broadband Travel user manual Model

A Division of Cisco Systems, Inc. GHz g. Wireless-G. User Guide. Access Point WIRELESS. WAP54G v2. Model No.

GHz g. Wireless A+G. User Guide. Notebook Adapter. Dual-Band. Dual-Band WPC55AG a. A Division of Cisco Systems, Inc.

IP819VGA g ADSL VoIP Gateway

Table of Contents. Chapter1 About g Wireless LAN USB Adapter...1

BCM94309MP Mini-PCI Card. User's Manual

2001 by NETGEAR, Inc. All rights reserved.

Longshine Technologie Europe GmbH

GN-WBKG IEEE b/g USB STICK Wireless LAN Card User s Manual

2.4 GHz IEEE g 54Mbps Wireless LAN 2-WAY Access Point

A Division of Cisco Systems, Inc. GHz g. Wireless-G. PCI Adapter with SRX 400. User Guide WIRELESS WMP54GX4. Model No.

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. Access Point WIRELESS WAP54G (EU/LA/UK) Model No.

Wireless Access Point

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No.

11B/G Wireless Mini PCI Adapter WL533MAM User s Manual

Contents Introduction to the Product Configuration CPE built-in Web Server Access CPE Setup on the web page Trouble Shooting Operating Information

Oct 2007 Version 1.01

1. Package contents. 2. Connecting ADSL modem and wireless router

WRE2206. User s Guide. Quick Start Guide. Wireless N300 Range Extender. Default Details. Version 1.00 Edition 1, 01/2015

2) INSERT THE SETUP CD

AC1200M/MS. User Manual

EAP N Multi-Function AP/Repeater

Transcription:

LevelOne WAP-0003 54Mbps Wireless Access Point User s Manual V. 1.0-1-

Manufacturer's Disclaimer Statement The information in this document is subject to change without notice and does not represent a commitment on the part of the vendor. No warranty or representation, either expressed or implied, is made with respect to the quality, accuracy or fitness for any particular purpose of this document. The manufacturer reserves the right to make changes to the content of this document and/or the products associated with it at any time without obligation to notify any person or organization of such changes. In no event will the manufacturer be liable for direct, indirect, special, incidental or consequential damages arising out of the use or inability to use this product or documentation, even if advised of the possibility of such damages. This document contains materials protected by copyright. All rights are reserved. No part of this manual may be reproduced or transmitted in any form, by any means or for any purpose without expressed written consent of its authors. Product names appearing in this document are mentioned for identification purchases only. All trademarks, product names or brand names appearing in this document are registered property of their respective owners. FCC STATEMENT This product has been tested and complies with the specifications for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used according to the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which is found by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures: Reorient or relocate the receiving antenna Increase the separation between the equipment or devices Connect the equipment to an outlet other than the receiver s Consult a dealer or an experienced radio/tv technician for assistance FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator and your body. -2-

Table of Contents INTRODUCTION...4 Product Features... 4 System Requirements... 4 GETTING STARTED...5 Getting To Know The Wireless Network Access Point... 5 WIRELESS NETWORK ACCESS POINT S PORTS... 5 WIRELESS NETWORK ACCESS POINT S LEDS... 5 Connecting The Wireless Network Access Point... 5 Setting Up The Wireless Network Access Point... 6 CONFIGURING YOUR WIRELESS ACCESS POINT...7 Configuration Menu... 8 Getting Started With Setup Wizard...10 Status Page...12 Basic Setting...14 IP Setting...16 Advanced Setting...18 Security...20 802.1x...23 Tools...25 Using AP 54M Utility for Management... 27 Installing AP 54M Utility...27 Manage and Configure Access Point with 54M AP Utility...31 Link Information...32 AP Settings...33 IP Settings...35 WEP Settings...36 802.1x Settings...37 APPENDIX A: TROUBLESHOOTING... 38 APPENDIX B: NETWORKING BASIS... 43 APPENDIX C: 802.1x Authentication Setup... 57 802.1x Authentication Infrastructure...57 Supplicant: Wireless Network PC Card...58 Authenticator: Wireless Network Access Point...76 Radius Server: Window2000 Server...77 APPENDIX D: GLOSSARY... 99 APPENDIX E: TECHNICAL SPECIFICATION...104-3-

INTRODUCTION LevelOne WAP-0003 54Mbps Wireless Access Point is designed to meet the needs of wireless clients who use 2.4GHz 802.11b/g(draft) compliant wireless networking devices such as PC Card. With the Dual-Standard capability, not only seamless but also simultaneous wireless data transmission between AP and all wireless clients using both 802.11b and g (draft) can be sustained. Device network setup can be installed by the simple setup wizard that is provided as part of the web management utility or by manually configured for the advanced settings. SNMP management is also supported to make central network management an easy task for corporation IT personnel. Wireless network protection can be ensured by WEP encryption, Wi-Fi Protected Access (WPA) and 802.1x authentication to achieve maximum level of security. LevelOne WAP-0003, 2.4GHz 802.11g/b Wireless Access Point,offers unbeatable performance for both data throughput and range coverage, which is an ideal device to be deployed not only in complex Enterprise corporation networking infrastructure and metropolitan area but also in simple SOHO and home environments. Product Features Fully IEEE 802.11g (draft) and 802.11b standards compliant. High-speed data transfer of IEEE 802.11b/g(draft) Highly efficient design mechanism to provide unbeatable performance achieving data rate up to 54 Mbps for 802.11g(draft) and 11 Mbps for 802.11b with wide range coverage. Strong network security with 802.1x, Protected Access (WPA) and WEP encryption. Auto-select and use the least crowded channel by Dynamic Channel Selection Function. Quick and easy setup with Web-based management configuration utility. System Requirements Windows 95, 98, 98SE, Millennium, 2000 and XP computers Internet Explorer 5.5 or higher One CD-ROM drive At least one 10/100Mbps Ethernet network adapter installed -4-

GETTING STARTED Getting To Know LevelOne 54Mbps Wireless Access Point LevelOne WAP-0003 WIRELESS ACCESS POINT S PORTS Power Receptor Reset Button MDII RJ-45 Ethernet Port - Straight-Through cable is required to connect with router or switch. - Cross-Over cable is required to connect to computer directly. LevelOne WAP-0003 WIRELESS ACCESS POINT S LEDS Power LED ON when the unit is powered up WLAN LED ON indicates WLAN is working; blink indicates wireless activity LAN LED ON indicates LAN connection; blink indicates LAN activity Connecting LevelOne WAP-0003 Wireless Access Point -5-

In order to setup an Infrastructure of a wireless network such as the example shown above, you will need the following: 1. A broadband Internet connection. 2. ADSL or Cable modem provided by your ISP as part of the broadband connection installation. 3. A Router that connects to the ADSL/Cable modem for Internet connection sharing. 4. An Access Point to connect with the Router to form a wireless infrastructure network. 5. Wireless clients equipped with wireless networking devices such as wireless PC Card for wireless connection. Setting Up LevelOne WAP-0003 Wireless Access Point LevelOne 54mbps Access Point is designed to be working right out of the box. Any changes of the default settings can be easily made through the web-based configuration menu using web browser, such as Internet Explorer. Please go through this chapter carefully for LevelOne Access Point setup. -6-

CONFIGURING LevelOne 54Mbps WIRELESS ACCESS POINT The web-based configuration menu provides user friendly graphic design for easy configuration. Please go through the following check list before you consider using the configuration menu. 1. You will need a JavaScript enabled web browser such as Internet Explorer v5.5 or higher versions. 2. The Ethernet network adapter must be working properly. Please refer to Troubleshooting section for details. 3. If you are connecting LevelOne Access Point thro ugh a router or a local area network, which has DHCP server enabled, you will not need to assign a static IP address to the computer that you are using to configure the Access Point. Please go to check item no. 6 4. If you are not connecting LevelOne Access Point through a router or a local area network, which has DHCP server enabled, you will need to assign a static IP address to the computer that you are using to configure the Access Point. 5. The IP address assigned to the computer that you are using to configure LevelOne Access Point must be in the same IP address range as Access Point s. Please refer to Networking Basis section to learn more about assigning IP address. 6. The power jack must be properly inserted to make sure that LevelOne Access Point is powered. The Default Settings of LevelOne 54Mbps Wireless Access Point: IP Address 192.168.1.1 User Name Password ESSID Admin Admin Wireless Channel 6 WEP Disabled -7-

Configuration Menu You can access the configuration menu anytime by opening up an web browser window, and type in the IP address of LevelOne Access Point. The default IP address of the Access Point is shown below. Open web browser window Type in IP address Press Enter or Go NOTE: The IP address shown above is the default IP address for LevelOne Access Point. Use this IP address when connecting to a network consisting of Access Points set to default settings. If the IP address of the Access Point is being changed to comply with the network, then type in the IP address in the Address field of the web browser, instead of the default IP address. Type in user name Type in password Click OK -8-

NOTE: The default username is admin and the default password is also admin. The configuration menu will appear. You can configure and get information about LevelOne Access Point by going through each tab. Here Status page is displayed. -9-

Getting Started With Setup Wizard Setup wizard is provided as part of the web configuration utility. You can simply follow the step-by-step process to get LevelOne Access Point configured and ready for running in 4 easy steps by clicking on the Wizard button on the function menu. The following screen will appear. Please click Next to continue. Step 1: Set Password LevelOne Access Point is password protected to prevent unauthorized modification to your configuration. You can change to new password if you wish, otherwise simply click Next to continue. After entering the new password in both text boxes, click Next to continue. -10-

Step 2: Set WLAN Connection Enter the SSID that you would like to use and select the channel of operation, then click Next to continue. Step 3: Set WEP Encryption You may enable the WEP security by selecting Enabled, otherwise, simply click Next to continue Select one of the WEP encryption key size and enter the value of the key in the Key text box, then click Next to continue. Step 4: Restart The Setup wizard is now completed. The new settings will be effective after LevelOne Access Point restarts. Click Restart to reboot the Access Point. -11-

LevelOne Access Point is now rebooting, click Close to close the Setup wizard window and go back to the main menu. Status Page This page displays the following information. -12-

Firmware Version: Shows the current firmware version LAN: Shows the Mac address, IP address (default: 192.168.1.1), Subnet Mask, Gateway Address. The current LAN traffic calculated in terms of number of packets sent and received by AP through wired connection is also displayed. Wireless: Shows the Mac address, current ESSID, the status of Encryption Function (Enable or Disable), the current using channel. The current wireless traffic calculated in terms of number of packets sent and received by AP through wireless communication is also displayed. View Log: Upon clicked, the page will change to log page. The log page records every event and the time that it happens. You may clear the entries recorded in the log by clicking the Clear Log button, and refre sh the screen to show the latest log entries by clicking the Refresh button. -13-

Basic Setting This is the page where you can change the basic settings of LevelOne 54Mbps Wireless Access Point with the minimum amount of effort to adjust a secure wireless network. AP Name: Name of the AP, which can be used to identify the Access Point among the all the Access Points in the wireless network. SSID: Service Set Identifier, which is a unique name shared among all clients and nodes in a wireless network. The SSID must be identical for each clients and nodes in the wireless network. Channel: The value of channel that AP will operate in. You can select the channel range of 1 to 11 for North America (FCC) domain, 1 to 13 for European (ETSI) domain and 1 to 14 for Japanese domain. WEP Key: To disable WEP security, click on the Disable option. To enable WEP security, there are 2 type of WEP keys to choose from, 64bits and 128bits. When one of the 2 WEP key options is selected, you must enter the value of one of the four Keys in ASCII or HEX format. You can also enter the values for all four WEP keys, and select one to use. NOTE: When AP s WEP security is enabled, all the wireless clients that wish to connect to the Access Point must also have WEP enabled with the identical WEP Key value entered. For the changes made to any of the items above to be effective, click Apply. -14-

The new settings are now been saved to Access Point and will be effective once the Access Point restarts. Click Back to go back to Basic Setting page. -15-

IP Setting This is the page where you configure the IP and DHCP settings of LevelOne Access Point. The default IP address of LevelOne Access Point is 192.168.1.1 with the Subnet Mask of 255.255.255.0. You can type in other values for IP Address, Subnet Mask and Gateway and click Apply button for the changes to be effective. You can also set the Access Point to obtain the IP from a DHCP server, but it is not recommended. Once set, it will be difficult to determine the dynamic IP assigned to the Access Point. Select the option Obtain IP Automatically and click Apply button for the changes to be effective. DHCP Server: It s not recommended to enable the DHCP Server if you have a DHCP server running in your LAN network, for it will cause possible IP assignment conflict. Enable the DHCP server function by selecting the option On, and enter the IP range. Click OK to close pop-up box. Click Apply for the changes to be effective. -16-

The new settings are now been saved to Access Point and will be effective once the Access Point restarts. Click Back to go back to Basic Setting page. -17-

Advanced Setting This page contains configurations for advanced users, which the change will reflect the wireless performance and operating modes. AP Mode: Select one of the AP operating modes for different application of Access Point. 1. AP The normal Access Point operating mode which forms a wireless ESS network with its wireless clients. 2. AP Client Acts as an Ethernet-to-Wireless Bridge, which allows a LAN or a single computer station to join a wireless ESS network through it. You must make sure that the SSID and Channel is set to the same as that used by the AP you wish to connect. Remote AP BSS ID: key in the LAN Mac address (NOT wireless Mac address) of the AP that you wish to get connected. Please note that if you leave Mac address as 000000000000, then you will get connected by the SSID that is set in you AP. -18-

3. Wireless Bridge A pair of APs operating under Bridge mode to act as the bridge that connects two Ethernet networks or Ethernet enabled clients together. You must make sure that the SSID and Channel is set to the same as that used by the AP you wish to connect. The Remote Bridge MAC is where you enter the MAC address of the other AP that you connect to setup the wireless bridge. Remote Bridge MAC filed: key in the LAN Mac address (NOT wireless Mac address) of the AP that you wish to get connected. 4. Multiple Bridge A group of APs which consists of two or more APs operating under Multiple Bridge mode, that can connect two or more Ethernet networks or Ethernet enabled clients together. The way that multiple bridge setup is based on the topology of Ad-Hoc mode. NOTE: All APs have to use the same Channel and SSID in order to form a Multiple Bridge network. Beacon Interval: To set the period of time in milliseconds that AP sends out a beacon. Default is 100 milliseconds. RTS Threshold: To set the size of RTS/CTS packet size. Default is 2432 bytes. Fragmentation Threshold: To set the number of bytes used for the fragmentation boundary for directed messages. Default is 2436 bytes. DTIM Interval: This value indicates the interval of the Delivery Traffic Indication Message (DTIM). A DTIM field is a countdown field informing clients of the next window for listening to broadcast and multicast messages. When the Access Point has buffered broadcast or multicast messages for associated clients, it sends the next DTIM with a DTIM Interval value. Access Point Clients hear the beacons and awaken to receive the broadcast and multicast messages. Authentication Type: The Authentication Type default is set to Open System, and you may want to set to Shared Key when the clients and AP in the same wireless network enable the WEP encryption. All the nodes and hosts on the network must use the same authentication type. It s recommend that you use the default setting. SSID Broadcast: While SSID Broadcast is enabled, all wireless clients will be able to communicate with the Access Point. For security purpose, you may want to disable SSID Broadcast to allow only those wireless clients with the AP s SSID to communicate with the Access Point. TX Rate: Select the data rate for data transmission. 11g Only Mode: Select Enable or Disable IEEE 802.11g (dragt) only mode. -19-

Security This page is where you configure the security features supported by LevelOne Access Point. Password: Allow you to change the new login password. Here are the necessary steps: 1. Enter the new password in the AP Password New: field. 2. Enter the new password again in the Confirm field. 3. Click Apply NOTE: The wireless clients will not be able to recognize the Access Point using Site Survey utilities, such as zero configuration utility provided in Windows XP. -20-

MAC Filter MAC Filter function controls the MAC of the network devices that are listed in this table for access authorization or denial. When MAC Filter is enabled, by selecting the Enabled radio box, select one of two choices: Only deny PCs with MAC listed below to access device, or Only allow PCs with MAC listed below to access device The maximum number of MAC addresses that can be stored in Access Pint is 50. You can browse through the MAC address saved by selecting the drop-down box. -21-

For any changes made in the security page, click Apply for the changes to be effective. When the above page will appear. Click Back to go back to the previous page. -22-

802.1x There are three essential components to the 802.1x infrastructure: (1) Supplicant, (2) Authenticator and (3) Server. LevelOne Access Point serves as an Authenticator, and the EAP methods used must be supported by the backend Radius Server. The 802.1x security supports both MD5 and TLS Extensive Authentication Protocol (EAP). Please follow the steps below to configure 802.1x security. 1 2 3 4 1. Enable 802.1x security by selecting Enable. 2. If MD5 EAP method is used then you can skip step 2 and go to step 3. 3. Select the Encryption Key Length Size ranging from 64 to 256 Bits that you would like to use. Select the Lifetime of the Encryption Key from 5 Minutes to 1 Day. As soon as the lifetime of the Encryption Key is over, the Encryption Key will be renewed by the Radius server. 4. Enter the IP address of and the Port used by the Primary Radius Server Enter the Shared Secret, which is used by the Radius Server. 5. Enter the IP address of, Port and Shared Secret used by the Secondary Radius Server. Click Help to get interpretation for Encryption Key and Radius Server -23-

6. Click Apply button for the 802.1x settings to take effect after Access Point reboots itself. NOTE: As soon as 802.1x security is enabled, all the wireless client stations that are connected to LevelOne Access Point currently will be disconnected. The wireless clients must be configured manually to authenticate themselves with the Radius server to be reconnected. -24-

Tools Three functions are provided in this page, Backup/Restore Settings, Restore default settings and Firmware Upgrade. Backup Settings: Click on Backup button, which will open a FileSave Dialog box, where you get to save all the current settings and configurations to a file. Restore Settings: Click on the Browse button to open a FileOpen Dialog box, where you get to select the file, which you save previous settings and configurations, to be opened. Upon selecting the saved file, click Restore and complete the restore process when LevelOne Access Point re -operates after it restarts. Restore to default settings: Click on Default button to restore LevelOne Access Point back to it s manufacture default settings. Firmware Upgrade: Click on the Browse button to open a FileOpen Dialog box, where you get to select the firmware file, which you download from the web for the latest version. Upon selecting the firmware file, click Upgrade and complete the firmware upgrade process -25-

when LevelOne Access Point re -operates after it restarts. -26-

Using AP 54M Utility for Management Installing AP 54M Utility The AP 54M Utility is a program that runs on your PC, which offers easy management for all existing 54Mbps Access Points in the same network domain. Please follow the steps below for installation and refer to Manage and Configure AP with AP 54M Utility session Access point configuration. NOTE: The installation demonstrated is based on Windows XP operating system. The other Windows operation system will have very similar installation. 1. Tu rn on your PC 2. After Windows starts up, insert the 54Mbps Access Point Product CD into the CD tray of the CD-ROM 3. The following screen would appear. -27-

4. Click Install on the menu bar to proceed with 54M AP installation. -28-

The 54M AP Utility loads the Install wizard for installation. Click Next to start installation. Click Next to install in default folder or Click Browse to install in a different folder. -29-

Installation wizard copies the utility program files in your PC. 5. Click Finish to complete the installation. -30-

6. The 54M AP Utility icon would then appear on your desktop for easy access. Manage and Configure Access Point with 54M AP Utility LevelOne AP 54M Utility can be useful in a way that allows you to configure one AP to another to save the trouble of logging into the web configuration utility of each AP. However, all the Access Points that you wish to configure using 54M AP Utility must be in the same network domain as your PC s. You may also check the existence with the Access Point by pinging the IP of the Access Point, for example, 192.168.1.1, in the command prompt window. -31-

Link Information This is the default page when 54M AP Utility starts up. Status displays the basic settings of the selected Access Point. Available AP lists all the 54Mbps Access Point of the same network domain detected on the network. You can select a particular Access Point from the list to view and change its configuration. -32-

AP Settings This is the page that allows you to change the settings of the Access Point. 1 2 3 1 2 3 Basic Setting allows you to enter the new values for ESSID, Channel and AP Name of the Access Point. Mode Setting allows you to change the operating mode of the Access Point. There are 4 modes that you can choose: (1) Access Point, (2) Access Point Client, (3) Wireless Bridge and (4) Multiple Bridge. Please refer to Appendix C, Glossary for the functionalities and definitions of these operating modes. Advanced Setting recommended for advanced users who are familiar with wireless networks, and it s where you set additional parameters and settings of the Access Point. Please refer to Appendix C, Glossary for the definitions of these values and function. For any changes made to be effective, click Apply button. -33-

The utility program will now prompt you for user name and password as part of the login and security protection to make sure you have the right authorization. Enter UserName and Password for the Access Point Click OK button NOTE: The default username is admin and the default password is also admin. The Access Point restarts itself, and the screen will switch back to startup page Link Information -34-

IP Settings This is the page where you configure the IP settings for the Access Point. Select Fixed IP Address and enter the IP address of the Access Point and Gateway. Select DHCP Client if there is a DHCP server assigning IP addresses on the network. Please also refer to Appendix B to learn more about Network and IP address. Click Apply button for any changes made to be effective. The utility program will prompt you for user name and password for security protection. -35-

WEP Settings This is the page that allows you to configure the WEP settings for the Access Point. Enable WEP Key security by clicking Data Encryption Select the Auth. Mode and the Key Length Fill at least one of the 4 Web Key fields with Hex or ASCII values. -36-

802.1x Settings 1. Enable 802.1x security by clicking the 802.1X Function checkbox. 2. If MD5 EAP methods is used then you can skip step 3 and go to step 4. 3. Select the Encryption Key Lifetime from 5 Minutes to 1 Day. As soon as the lifetime of the Encryption Key is over, the Encryption Key will be renewed by the Radius server. 4. Select the Length ranging from 64 to 256 Bits that you would like to use for Encryption Key Length. 5. RADIUS Server 1: Enter the IP address of and the Port used by the Primary Radius Server Enter the Shared Secret, which is used by the Radius Server. 6. RADIUS Server 2: Enter the IP address of, Port and Shared Secret used by the Secondary Radius Server. 7. Click Apply button for the 802.1x settings to take effect after Access Point reboots itself. NOTE: As soon as 802.1x security is enabled, all the wireless client stations that are connected to the Access Point currently will be disconnected. The wireless clients must be configured manually to authenticate themselves with the Radius server to be reconnected. Please refer to Appendix C for detail 802.1x setup and installation. -37-

APPENDIX A: TROUBLESHOOTING This chapter provides solutions to frequently encountered problems that can occur during the installation and operation of LevelOne 54Mbps Wireless Access Point. Please read through the following to solve your problems. 1. The computer connected to LevelOne Wireless Access Point through Ethernet network cannot access the configuration menu. Check that the Ethernet Adapter is working properly. Make sure that the drivers for the network adapters are installed properly. Check that the Ethernet cable is connect to the Wireless Access Point properly, and the Ethernet LED of the Wireless Access Point is ON. Check that the IP address of the computer is in the same IP range and subnet as that of the Wireless Access Point. Please refer to the Networking Basis in APPENDIX B in this manual for more information if necessary. NOTE: The default IP Address of LevelOne Wireless Access Point is 192.168.1.1. All the computers on the network must have a unique IP address in the same range, e.g., 192.168.1.xxx, and they must all have the same subnet mask, e.g., 255.255.255.0. Check the connection of computer and Wireless Access Point by doing a simple Ping test. Go to Start>Run>Type command > Type ping 192.168.1.1. A successful ping will show responses from the Wireless Access Point. -38-

2. The wireless clients cannot access the network in the infrastructure mode. Check that the wireless network device is being installed and working properly. Go to Start > Right mouse click on My Computer > Properties Go to Hardware -39-

Go to Device Manager Right mouse click on the network adapter which you connect RJ45 cable with. And go to Properties -40-

Check and make sure that the network adapter is working properly 3. Resetting LevelOne Wireless Access Point to Factory Default Setting. You may choose to Reset the Wireless Access Point by doing the following: Locate the Reset button on the back of the Wireless Access Point Use a paper clip to press the Reset button Hold the reset button for at least 5 seconds before you release Wait till the Wireless Access Point reboots itself (it may take a few minutes), then the configuration will be set back to factory default values. 4. What are the operation modes supported by LevelOne Wireless Access Point? The Wireless Access Point supports 4 operation modes: - Access Point: Forms a wireless network and works as a bridge to communicate with Ethernet LAN network. - AP Client: Acts as an wireless client which allows the computers that are connected to the AP to communicate with other wireless clients. - Point-to-Point Bridge: Connects two independent Ethernet LAN networks or computers wirelessly. -41-

- Multi-point Bridge: Connects more than two independent Ethernet LAN networks or computers wirelessly. 5. What is Roaming? Roaming is the ability of portable computers, e.g., Packet PC and notebook, to have consistent and continuous data transmission/reception throughout an area covered by more than one Wireless Access Point. In order to achieve seamless connectivity, all the wireless clients and Access Points must be set to use the same SSID. When a user walked out of the coverage area of one AP into another, the wireless client network device will automatically reestablish connection with the new AP. 6. What is a MAC Address? The Media Access Control (MAC) address is a unique number assigned by the manufacturer to any Ethernet networking devices, e.g. a network adapter, that allows the network to identify it at the hardware level. Unlike IP addresses, which can be changed or dynamically assigned by the network, the MAC address of a networking device is permanent. 7. What is WEP? Wired Equivalent Privacy (WEP) is a type of data encryption mechanism described in the IEEE 802.11 standard. The 54Mbps Wireless Access Point supports 64/128 bit shared key for WEP. 8. Would the information be transmitted securely in the air? WLAN offers two layers of protection for security. First layer is on the hardware level. As with Direct Sequence Spread Spectrum (DSSS) technology, it has the inherent security feature of scrambling. Second of all, on the software level, the security control is made possible by Wired Equivalent Privacy (WEP) for access control. 9. What is ISM band? The FCC and their counterparts outside of the U.S. have set aside bandwidth for unlicensed use in the ISM (Industrial, Scientific and Medical) band. The 2.4GHz unlicensed ISM band is available worldwide, which presents the opportunity for the global market of 802.11b high speed wireless products. -42-

APPENDIX B: NETWORKING BASIS This chapter will help you learn the basics of home networking. Using the Windows XP Network Setup Wizard Go to Start menu > Control Panel > Network Connections In the menu on the left side of the window, select Set up a home or small office network Click Next to procced Click Next to continue -43-

Select the option that best describes how you connect your computer to the Internet. In the case of using router in the network, choose the second option. Click Next to continue. 1. Enter a short description for your computer. 2. Enter a name for your computer to be recognized among the network. 3. Click Next to continue. -44-

Enter Workgroup name for your home network. Click Next to continue Click Next and wait for the wizard to apply the settings. -45-

You may create a network setup disk which saves you the trouble of having to configure every PCs in your network. Select the first choice, and insert a floppy disk into your disk drive Click Next to continue. -46-

Click Format Disk if you wish to format the disk. Click Next to copy the necessary files to the disk. Click Next to continue with the Network Setup Wizard -47-

NOTE: Now you may use the Network Setup Disk you just created in any PCs in your network that you wish to setup. Simply insert the Network Setup Disk into the disk drive of a PC, and open to browse the content of the disk with My Computer or Windows File Manager. Double-click and run the file netsetup for the program to handle the rest. Click Finish to complete the Network Setup Wizard. System will now have to restart in order for the new settings to be effective. Click Yes to restart the computer -48-

Checking IP Address of Your Computer In Windows XP Sometimes you will need to know the IP address of the computer that you are using. For example, when you want to make sure that your computer is in the same network domain as that of your Access Point for you can configure and access the AP. Go to Start menu > Run > type command Click OK When the command prompt window appears, type command ipconfig /all and press Enter. This command will display the IP addresses of all the network adapters in your computer. In this case, the IP address of your network adapter is 192.168.1.2 hich means your Access Point must have an IP address of 192.168.1xxx in order for you to be able to access it. -49-

If the IP address is assigned by DHCP server on the network, there are chances you might have to release the IP and acquire it from DHCP server again. Here is how you do it. Go to Start menu > Run > type command Click OK Type command, ipconfig /renew in the command prompt window and press Enter. This command releases the current IP address and acquire it from the network, i.e. DHCP server, once more. In this case, the IP address that we acquired is 192.168.1.3. However, it s often that the acquired IP address of the network adapter might would not be the same. NOTE: To renew IP under Windows 98 and Windows ME, you will have to go to the Start menu > Run > type winipcfg and click OK. The Windows IP Configuration Menu window would appear, where you first click release button to release the current IP address, followed by clicking of Renew to acquire a new IP address from network. If the above methods for IP renew fail, you will have to try and restart the computer, which will reinitializes the network adapter settings during startup including renewing IP address. If you still have problems getting an IP address after computer restarts, you will have to consult with your MIS in your office or call computer and network technicians. -50-

Dynamic IP Address V.S. Static IP Address By definition Dynamic IP addresses are the IP addresses that are being automatically assigned to a network device on the network. These Dynamically assigned IP addresses will expire and may be changed over time. Static IP addresses are the IP addresses that users manually enter for each of the network adapters. Go to Start menu > Control Panel > Network Connections > Right-click on the active Local Area connection > Select Properties NOTE: There might be two or more Local Area Connection to choose from. You must select the one that you will use to connect to the network. -51-

The Local Area Connection Properties would appear. Select Internet Protocol (TCP/IP) and Click Properties to continue. 54Mbps High Speed Network Adapter Dynamically Assigned IP Address The TCP/IP Properties window appears. Select Obtain an IP address automatically if you are on a DHCP enabled network. Click OK to close the window with the changes made -52-

Static IP Address Select Use the following IP address Enter the IP address and subnet mask fields. Enter the IP address of the Router in the Default gateway field. Enter the IP address of the Router in the DNS server field Click Ok to close the window NOTE: The IP address must be within the same range as the wireless route or Access Point. Wireless Network in Windows 2000 Go to Start menu > Settings > Network and Dial-up Connections > Double -click on the Local Area Connection 54Mbps High Speed Wireless Network Select Internet Protocol (TCP/IP) and click Properties -53-

The TCP/IP Properties window appears. Select Obtain an IP address automatically if you are on a DHCP enabled network. Click OK to close the window with the changes made Select Use the following IP address Enter the IP address and subnet mask fields. Enter the IP address of the Router in the Default gateway field. Enter the IP address of the Router in the DNS server field Click Ok to close the window -54-

Wireless Network In Windows 98 and Windows ME Go to Start menu > Settings > Control Panel > Double-click on Network Select TCP/IP of the network device Click Properties to continue 54 54 54 54 The Access Point restarts itself, and the screen will switch back to startup page Link Information The TCP/IP Properties window appears. Select Obtain an IP address automatically if you are on a DHCP enabled network. Click OK to close the window with the changes made -55-

Select Specify an IP address Enter the IP address and subnet mask fields. In the DNS Configuration Tab Page, (1) enter the IP address of the Router in the Default gateway field. (2) Enter the IP address of the Router in the DNS server field -56-

APPENDIX C: 802.1x Authentication Setup There are three essential components to the 802.1x infrastructure: (1) Supplicant, (2) Authenticator and (3) Server. The 802.1x security supports both MD5 and TLS Extensive Authentication Protocol (EAP). The 802.1x Authentication is a complement to the current WEP encryption used in wireless network. The current security weakness of WEP encryp tion is that there is no key management and no limitation for the duration of key lifetime. 802.1x Authentication offers key management, which includes key per user and key per session, and limits the lifetime of the keys to certain duration. Thus, key decryption by unauthorized attacker becomes extremely difficult, and the wireless network is safely secured. We will introduce the 802.1x Authentication infrastructure as a whole and going into details of the setup for each essential component in 802.1x authentication. 802.1x Authentication Infrastructure Authentication Request 802.11 Wireless Access Points Support 802.1X Public 802.11 Wireless Networks Authentication Success RADIUS Server Internet/ 802.11 Wireless Clients Support 802.1X Intranet The Infrastructure diagram showing above illustrates that a group of 802.11 wireless clients is trying to form a 802.11 wireless network with the Access Point in order to have access to the Internet/Intranet. In 802.1x authentication infrastructure, each of these wireless clients would have to be authenticated by the Radius server, which would grant the authorized client and notified the Access Point to open up a communication port to be used for the granted client. There are 2 Extensive Authentication Protocol (EAP) methods supported: (1) MD5 and (2) TLS. -57-

MD5 authentication is simply a validation of existing user account and password that is stored in the server with what are keyed in by the user. Therefore, wireless client user will be prompted for account/password validation every time when he/she is trying to get connected. TLS authentication is a more complicated authentication, which involves using certificate that is issued by the Radius server, for authentication. TLS authentication is a more secure authentication, since not only the Radius server authenticates the wireless client, but also the client can validate the Radius server by the certificate that it issues. The authentication request from wireless clients and reply by the Radius Server and Access Point process can be briefed as follows: 1. The client sends an EAP start message to the Access Point 2. The Access Point replies with an EAP Request ID message 3. The client sends its Network Access Identifier (NAI) its user name to the Access Point in an EAP Respond message. 4. The Access Point forwards the NAI to the RADIUS server with a RADIUS Access Request message. 5. The RADIUS server responds to the client with its digital certificate. 6. The client validates the digital certificate, and replies its own digital certificate to the RADIUS server. 7. The RADIUS server validates client s digital certificate. 8. The client and RADIUS server derive encryption keys. 9. The RADIUS server sends the access point a RADIUS ACCEPT message, including the client s WEP key. 10. The Access Point sends the client an EAP Success message along with the broadcast key and key length, all encrypted with the client s WEP key. Supplicant: Wireless Network PC Card Here is the setup for the Wireless Network PC Card under Windows XP, which is the only Operating System that our driver supports for 802.1x. Microsoft is planning on supporting 802.1x security in all common Windows Operating System including Win98SE/ME/2000 by releasing Service Pack in 2003. Please note that the setup illustration is based on our 54Mbps wireless PC Card. 1. Go to Start > Control Panel 2. double -click on Network Connections 3. right-click on the Wireless Network Connection that you use with our 54Mbps wireless PC Card. -58-

4. Click Properties to open up the Properties setting window. 5. Click on the Wireless Network tab. 54Mbps High Speed Network Adapter -59-

6. Click Properties of the available wireless network, which you wish to connect or configure. Please note that if you are going to change to a different 802.1x authentication EAP method, i.e. switch from using MD5 to TLS,, you must remove the current existing wireless network from your Preferred networks first, and add it in again. To configure for using TLS authentication method, please follow steps 7 ~ 25. Please follow steps 26 ~ for using MD5 authentication method. -60-

TLS Authentication 7. Select The key is provided for me automatically option 8. Click OK to close the Wireless Network Properties window. 9. Click Authentication tab 10. Select Enable network access control using IEEE 802.1x option to enable 802.1x authentication. -61-

11. Select Smart Card or other Certificate from the drop-down list box for EAP type. 12. Click OK to close the Wireless Network Connection Properties window, thus make the changes effective. The wireless client configuration in the zero -configuration utility provided in Windows XP is now completed for TLS configuration. Before you can enable IEEE 802.1x authentication and have wireless client authenticated by the Radius server, you have to download the certificate to your local computer first. -62-

TLS Authentication Download Digital Certificate from Server In most corporations, it requires internal IT or MIS staff s help to have the certificated downloaded to your local computer. One of the main reasons is that each corporation uses its own server systems, and you will need the assistance from your IT or MIS for account/password, CA server location and etc. The following illustration is based on obtaining a certificate from Windows 2000 Server which can act as a CA server, assuming you have a valid account/password to access the server. 13. Connect to the server and ask for access, and the server will prompt you to enter your user name and password. 14. Enter your user name and password, then click OK to continue. Please note that we use IP addresses for connection with the server for our illustration, and the IP of the server is 192.168.1.10. 15. After successful login, open up your Internet Browser, and type the following in the address field. http://192.168.1.10/certsrv This is how we connect to the Certificate Service installed in Windows 2000 server. -63-

16. Now we are connected to the Certificate Service. Select Request a certificate, and click Next to continue. -64-

17. Select User Certificate request, and click Next to continue. -65-

18. Click Submit > to continue. -66-

19. The Certificate Service is now processing the certificate request. -67-

20. The certificate is issued by the server, click Install this certificate to download and store the certificate to your local computer. 21. Click Yes to store the certificate to your local computer. -68-

22. Certificate is now installed. All the configuration and certificate download are now complete. Let s try to connect to the Access Point using 802.1x TLS Authentication. -69-

23. Windows XP will prompt you to select a certificate for wireless network connection. Click on the network connection icon in the system tray to continue. -70-

24. Select the certificate that was issued by the server (WirelessCA), and click OK to continue. 25. Check the server to make sure that it s the server that issues certificate, and click OK to complete the authentication process. -71-

MD5 Authentication 26. Select Data encryption (WEP enabled) option, but leave other option unselected. 27. Select the key format that you want to use to key in your Network key. ASCII characters: 0~9, a~z and A~Z HEX characters: 0~9, a~f 28. Select the key length that you wish to use 40 bits (5 characters for ASCII, 10 characters for HEX) 104 bits (13 characters for ASCII, 26 characters for HEX) 29. After deciding the key format and key length that you wish to use for network key. Enter the network key in Network key text box. Please note that that value of Network key entered, and key format/length used, must be the same as that used in the Access Point. Although there are 4 set of keys can be set in the Access Point WEP configuration, it s the first set of key that must be the same as that we used by the supplicant wireless client. 30. Click OK to close the Wireless Network Properties window, thus make the changes effective. -72-

31. Select Authentication tab. 32. Select Enable network access control using IEEE 802.1X to enable 802.1x authentication. 33. Select MD-5 Challenge from the drop-down list box for EAP type. 34. Click OK to close Wireless Network Connection Properties window, thus make all the changes effective. -73-

Unlike TLS, which uses digital certificate for validation, the MD-5 Authentication is based on the user account/password. Therefore, you must have a valid account used by the server for validation. 35. WindowsXP will prompt you to enter your user name and password. Click on the network connection icon in the system tray to continue. -74-

36. Enter the user name, password and the logon domain that your account belongs if you have one or more network domain exist in your network. 37. Click OK to complete the validation process. -75-

Authenticator: Wireless Network Access Point This is the web page configuration in LevelOne Access Point that we use. 1. Enable 802.1x security by selecting Enable. 2. If MD5 EAP methods is used then you can skip step 3 and go to step 4. 3. Select the Encryption Key Length Size ranging from 64 to 256 Bits that you would like to use. Select the Lifetime of the Encryption Key from 5 Minutes to 1 Day. As soon as the lifetime of the Encryption Key is over, the Encryption Key will be renewed by the Radius server. 4. Enter the IP address of and the Port used by the Primary Radius Server Enter the Shared Secret, which is used by the Radius Server. 5. Enter the IP address of, Port and Shared Secret used by the Secondary Radius Server. 6. Click Apply button for the 802.1x settings to take effect after Access Point reboots itself. NOTE: As soon as 802.1x security is enabled, all the wireless client stations that are connected to the Access Point currently will be disconnected. The wireless clients must be configured manually to authenticate themselves with the Radius server to be reconnected. -76-

Radius Server: Window2000 Server This section to help those who has Windows 2000 Server installed and wants to setup Windows2000 Server for 802.1x authentication, which includes setting up Certificate Service for TLS Authentication, and enable EAP-methods. 1. Login into your Windows 2000 Server as Administrator, or account that has Administrator authority. 2. Go to Start > Control Panel, and double-click Add or Remove Programs 3. Click on Add/Remove Windows components 4. Check Certificate Services, and click Next to continue. -77-

5. Select Enterprise root CA, and click Next to continue. 6. Enter the information that you want for your Certificate Service, and click Next to continue. -78-

7. Go to Start > Program > Administrative Tools > Certificate Authority 8. Right-click on the Policy Setting, select new 9. Select Certificate to Issue 10. Select Authenticated Session and Smartcard Logon by holding down to the Ctrl key, and click OK to continue. -79-

11. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 12. Right-click on domain, and select Properties to continue. 13. Select Group Policy tab and click Properties to continue. -80-

14. Go to Computer Configuration > Security Settings > Public Key Policies 15. Right-click Automatic Certificate Request Setting, and select New 16. Click Automatic Certificate Request... -81-

17. The Automatic Certificate Request Setup Wizard will guide you through the Automatic Certificate Request setup, simply click Next through to the last step. 18. Click Finish to complete the Automatic Certificate Request Setup 19. Go to Start > Run, and type command and click Enter to open Command Prompt. 20. Type secedit/refreshpolicy machine_policy to refresh policy. Adding Internet Authentication Service 21. Go to Start > Control Panel > Add or Remove Programs 22. Select Add/Remove Windows Components from the panel on the left. -82-

23. Select Internet Authentication Service, and click OK to install. -83-

Setting Internet Authentication Service 24. Go to Start > Program > Administrative Tools > Internet Authentication Service 25. Right-click Client, and select New Client -84-

26. Enter the IP address of the Access Point in the Client address text field, a memorable name for the Access Point in the Client-Vendor text field, the access password used by the Access Point in the Shared secret text field. Re-type the password in the Confirmed shared secret text field. 27. Click Finish to complete adding of the Access Point. -85-

28. In the Internet Authentication Service, right-click Remote Access Policies 29. Select New Remote Access Policy. 30. Select Day-And-Time-Restriction, and click Add to continue. -86-

31. Unless you want to specify the active duration for 802.1x authentication, click OK to accept to have 802.1x authentication enabled at all times. 32. Select Grant remote access permission, and click Next to continue. -87-

33. Click Edit Profile to open up -88-

For TLS Authentication Setup (Steps 34 ~ 38) 34. Select Authentication Tab 35. Enable Extensible Authentication Protocol, and select Smart Card or other Certificate for TLS authentication -89-

36. Go to Start > Program > Administrative Tools > Active Directory Users and Computers 37. Select Users, and double-click on the user that can be newly created or currently existing, who will be configured to have the right to obtain digital certificate remotely. Please note that in this case, we have a user called, test, whose account/password are used to obtain the digital certificate from server. -90-

38. Go to the Dial-in tab, and check Allow access option for Remote Access Permission and No Callback for Callback Options. -91-

For MD5 Authentication (Steps 39 ~ 54) 39. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 40. Right click on the domain, and select Properties -92-

41. Select Group Policy tab, and click Edit to edit the Group Policy. -93-

42. Go to Computer Configuration > Windows Settings > Security Settings > Account Policies > Password Policies 43. Click Define this policy setting, select Enabled, and click OK to continue. -94-

44. Go to Start > Progra m > Administrative Tools > Active Directory Users and Computers. 45. Go to Users. Right-click on the user that you are granting access, and select Properties -95-

46. Go to Account tab, and enable Store password using reversible encryption 47. Click OK to continue. -96-

48. Go to Start > Program > Administrative Tools > Internet Authentication Service. 49. Go to Remote Access Policies 50. Make sure that MD5 is moved up to Order 1 51. Right-click MD5, and select Properties -97-

52. Go to Authentication tab 53. Enable Extensible Authentication Protocol 54. Select MD5-Challenge for EAP type. -98-

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback